From 63f48db5c13952dbbc0938d721dd7d4ecadccf07 Mon Sep 17 00:00:00 2001 From: Akshay Saini <109056238+AkshaySainiDell@users.noreply.github.com> Date: Fri, 29 Mar 2024 16:59:05 +0530 Subject: [PATCH 1/6] Add dell/csm#1205 to known issues (#1045) * Add #1205 to known issues * Fix yaml snippet displaying issue --- content/docs/authorization/release/_index.md | 8 +++----- content/docs/deployment/csmoperator/release/_index.md | 1 + content/v1/authorization/release/_index.md | 5 +++-- content/v1/deployment/csmoperator/release/_index.md | 1 + content/v2/authorization/release/_index.md | 5 +++-- content/v2/deployment/csmoperator/release/_index.md | 4 +++- content/v3/authorization/release/_index.md | 4 ++++ content/v3/deployment/csmoperator/release/_index.md | 4 +++- 8 files changed, 21 insertions(+), 11 deletions(-) diff --git a/content/docs/authorization/release/_index.md b/content/docs/authorization/release/_index.md index a642a295af..164ec529b7 100644 --- a/content/docs/authorization/release/_index.md +++ b/content/docs/authorization/release/_index.md @@ -15,9 +15,6 @@ Description: > - - - ### New Features/Changes - [#926 - [FEATURE]: Fixing the linting, formatting and vetting issues](https://github.com/dell/csm/issues/926) @@ -26,5 +23,6 @@ Description: > ### Known Issues - -There are no known issues in this release. +| Issue | Workaround | +|-------|------------| +| CSM Operator does not support dynamic namespaces for Authorization. Despite successful installation in a namespace other than "authorization", errors may arise during volume creation. | Use the default namespace "authorization" for installing Authorization using CSM Operator| diff --git a/content/docs/deployment/csmoperator/release/_index.md b/content/docs/deployment/csmoperator/release/_index.md index 5803fd15c0..4aa71013b2 100644 --- a/content/docs/deployment/csmoperator/release/_index.md +++ b/content/docs/deployment/csmoperator/release/_index.md @@ -31,3 +31,4 @@ Description: > | Issue | Workaround | |-------|------------| | When CSM Operator creates a deployment that includes secrets (e.g., application-mobility, observability, cert-manager, velero), these secrets are not deleted on uninstall and will be left behind. For example, the `karavi-topology-tls`, `otel-collector-tls`, and `cert-manager-webhook-ca` secrets will not be deleted. | This should not cause any issues on the system, but all secrets present on the cluster can be found with `kubectl get secrets -A`, and any unwanted secrets can be deleted with `kubectl delete secret -n `| +| CSM Operator does not support dynamic namespaces for Authorization. Despite successful installation in a namespace other than "authorization", errors may arise during volume creation. | Use the default namespace "authorization" for installing Authorization using CSM Operator| diff --git a/content/v1/authorization/release/_index.md b/content/v1/authorization/release/_index.md index 3bcadd9408..07b4881533 100644 --- a/content/v1/authorization/release/_index.md +++ b/content/v1/authorization/release/_index.md @@ -27,5 +27,6 @@ Description: > ### Known Issues - -There are no known issues in this release. +| Issue | Workaround | +|-------|------------| +| CSM Operator does not support dynamic namespaces for Authorization. Despite successful installation in a namespace other than "authorization", errors may arise during volume creation. | Use the default namespace "authorization" for installing Authorization using CSM Operator| diff --git a/content/v1/deployment/csmoperator/release/_index.md b/content/v1/deployment/csmoperator/release/_index.md index a7c6b08e83..0efac132a7 100644 --- a/content/v1/deployment/csmoperator/release/_index.md +++ b/content/v1/deployment/csmoperator/release/_index.md @@ -46,6 +46,7 @@ Description: > |-------|------------| | The status field of a csm object as deployed by CSM Operator may, in limited cases, display an incorrect status for a deployment. | As a workaround, the health of the deployment can be determined by checking the health of the pods. | | When CSM Operator creates a deployment that includes secrets (e.g., application-mobility, observability, cert-manager, velero), these secrets are not deleted on uninstall and will be left behind. For example, the `karavi-topology-tls`, `otel-collector-tls`, and `cert-manager-webhook-ca` secrets will not be deleted. | This should not cause any issues on the system, but all secrets present on the cluster can be found with `kubectl get secrets -A`, and any unwanted secrets can be deleted with `kubectl delete secret -n `| +| CSM Operator does not support dynamic namespaces for Authorization. Despite successful installation in a namespace other than "authorization", errors may arise during volume creation. | Use the default namespace "authorization" for installing Authorization using CSM Operator| | The images of sideCars are currently missing in the sample YAMLs in the offline bundle. As a consequence, the csm-operator is pulling them from registry.k8s.io. | We recommend manually updating the images of sideCars in the sample YAML file, for example, `storage_csm_powerflex_v291.yaml`, before proceeding with the driver installation. Here is an example snippet for the sideCars section in the YAML file: ```yaml diff --git a/content/v2/authorization/release/_index.md b/content/v2/authorization/release/_index.md index a64bec93ca..c2b85c06e0 100644 --- a/content/v2/authorization/release/_index.md +++ b/content/v2/authorization/release/_index.md @@ -20,5 +20,6 @@ Description: > - [#916 - [BUG]: Remove references to deprecated io/ioutil package](https://github.com/dell/csm/issues/916) ### Known Issues - -There are no known issues in this release. +| Issue | Workaround | +|-------|------------| +| CSM Operator does not support dynamic namespaces for Authorization. Despite successful installation in a namespace other than "authorization", errors may arise during volume creation. | Use the default namespace "authorization" for installing Authorization using CSM Operator| diff --git a/content/v2/deployment/csmoperator/release/_index.md b/content/v2/deployment/csmoperator/release/_index.md index 5ac816b526..b5f331afa9 100644 --- a/content/v2/deployment/csmoperator/release/_index.md +++ b/content/v2/deployment/csmoperator/release/_index.md @@ -24,4 +24,6 @@ Description: > - [#898 - [BUG]: Unable to pull podmon image from local repository for offline install](https://github.com/dell/csm/issues/898) ### Known Issues -There are no known issues in this release. \ No newline at end of file +| Issue | Workaround | +|-------|------------| +| CSM Operator does not support dynamic namespaces for Authorization. Despite successful installation in a namespace other than "authorization", errors may arise during volume creation. | Use the default namespace "authorization" for installing Authorization using CSM Operator| \ No newline at end of file diff --git a/content/v3/authorization/release/_index.md b/content/v3/authorization/release/_index.md index 5383614d75..3390a862c4 100644 --- a/content/v3/authorization/release/_index.md +++ b/content/v3/authorization/release/_index.md @@ -21,3 +21,7 @@ Description: > - Authorization RPM installation should use nogpgcheck for k3s-selinux package. ([#772](https://github.com/dell/csm/issues/772)) - CSM Authorization - karavictl generate token should output valid yaml. ([#767](https://github.com/dell/csm/issues/767)) +### Known Issues +| Issue | Workaround | +|-------|------------| +| CSM Operator does not support dynamic namespaces for Authorization. Despite successful installation in a namespace other than "authorization", errors may arise during volume creation. | Use the default namespace "authorization" for installing Authorization using CSM Operator| \ No newline at end of file diff --git a/content/v3/deployment/csmoperator/release/_index.md b/content/v3/deployment/csmoperator/release/_index.md index 397664e60b..5278fedd50 100644 --- a/content/v3/deployment/csmoperator/release/_index.md +++ b/content/v3/deployment/csmoperator/release/_index.md @@ -27,4 +27,6 @@ CSM 1.7.1 is applicable to helm based installations of PowerFlex driver. ### Known Issues -There are no known issues in this release. \ No newline at end of file +| Issue | Workaround | +|-------|------------| +| CSM Operator does not support dynamic namespaces for Authorization. Despite successful installation in a namespace other than "authorization", errors may arise during volume creation. | Use the default namespace "authorization" for installing Authorization using CSM Operator| \ No newline at end of file From ed2fe20bd7fd6a3edc9931850233cbc246202250 Mon Sep 17 00:00:00 2001 From: boyamurthy <92081029+boyamurthy@users.noreply.github.com> Date: Fri, 29 Mar 2024 18:42:58 +0530 Subject: [PATCH 2/6] Updating powermax support matrix (#1046) --- content/docs/prerequisites/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/docs/prerequisites/_index.md b/content/docs/prerequisites/_index.md index 45f270a75b..a82f4c3dac 100644 --- a/content/docs/prerequisites/_index.md +++ b/content/docs/prerequisites/_index.md @@ -10,7 +10,7 @@ weight: 1 {{}} | Platform | Version | OS Dependencies | |---------------|:----------------:|:------------------------:| -| PowerMax | PowerMax 2500/8500 PowerMaxOS 10 (6079)
PowerMaxOS 10.0.1 (6079)
PowerMaxOS 10.1 (6079)
PowerMax 2000/8000 - 5978.711.xxx
5978.479.xxx
Unisphere 10.0,10.0.1,10.1 | iscsi-initiator-utils
multipathd or powerpath
nvme-cli
nfs-utils | +| PowerMax | PowerMax 2500/8500 PowerMaxOS 10 (6079)
PowerMaxOS 10.0.1 (6079)
PowerMaxOS 10.1 (6079)
PowerMax 2000/8000 - 5978.711.711, 5978.714.714
5978.479.479
Unisphere 10.0,10.0.1,10.1 | iscsi-initiator-utils
multipathd or powerpath
nvme-cli
nfs-utils | | PowerFlex | 3.6.x, 4.0.x, 4.5.x | [SDC](https://www.dell.com/support/home/en-us/product-support/product/scaleio/drivers)| | Unity XT | 5.1.x, 5.2.x, 5.3.0 | iscsi-initiator-utils
multipathd
nfs-utils | | PowerScale | OneFS 9.3, 9.4, 9.5.0.x (x >= 5) | nfs-utils | From a1a7a8bd2e6146fe830c3eadcbb76becb34e309d Mon Sep 17 00:00:00 2001 From: gallacher <35462391+gallacher@users.noreply.github.com> Date: Tue, 2 Apr 2024 16:51:42 -0300 Subject: [PATCH 3/6] Reverted doc changes to be aligned with CSM 1.10.2 --- .../docs/deployment/csmoperator/modules/authorization.md | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/content/docs/deployment/csmoperator/modules/authorization.md b/content/docs/deployment/csmoperator/modules/authorization.md index 2db1d421a4..80b0c902a3 100644 --- a/content/docs/deployment/csmoperator/modules/authorization.md +++ b/content/docs/deployment/csmoperator/modules/authorization.md @@ -60,9 +60,6 @@ kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/relea kubectl create -f samples/authorization/karavi-storage-secret.yaml ``` ->__Note__: -> - If you are installing CSM Authorization in a different namespace than `authorization`, edit the `namespace` field in this file to your namespace. - ### Install CSM Authorization Proxy Server 1. Follow all the [prerequisites](#prerequisite). @@ -85,7 +82,6 @@ kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/relea >__Note__: > - If you specify `REDIS_STORAGE_CLASS`, the storage class must NOT be provisioned by the Dell CSI Driver to be configured with this installation of CSM Authorization. -> - If you are installing CSM Authorization in a different namespace than `authorization`, edit the `namespace` fields in this file to your namespace. **Optional:** To enable reporting of trace data with [Zipkin](https://zipkin.io/), use the `csm-config-params` configMap in the sample CR or dynamically by editing the configMap. @@ -123,14 +119,11 @@ To enable reporting of trace data with [Zipkin](https://zipkin.io/), use the `cs kubectl create -f ``` ->__Note__: -> - If you are installing CSM Authorization in a different namespace than `authorization`, edit the `namespace` field in this file to your namespace. - ### Verify Installation of the CSM Authorization Proxy Server Once the Authorization CR is created, you can verify the installation as mentioned below: ```bash - kubectl describe csm/ -n authorization + kubectl describe csm/ -n ``` ### Install Karavictl From f9cf0c4cad3b7a1e30a834a7f3e548a16d54bd77 Mon Sep 17 00:00:00 2001 From: gallacher <35462391+gallacher@users.noreply.github.com> Date: Tue, 2 Apr 2024 16:54:51 -0300 Subject: [PATCH 4/6] Added fixed defect for PowerFlex --- content/docs/csidriver/release/powerflex.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/docs/csidriver/release/powerflex.md b/content/docs/csidriver/release/powerflex.md index 1e35e36b9d..5b06d59117 100644 --- a/content/docs/csidriver/release/powerflex.md +++ b/content/docs/csidriver/release/powerflex.md @@ -24,6 +24,7 @@ description: Release notes for PowerFlex CSI driver - [#1140 - [BUG]: Cert-csi tests are not reporting the passed testcases in K8S E2E tests ](https://github.com/dell/csm/issues/1140) - [#1163 - [BUG]: Resource quota bypass](https://github.com/dell/csm/issues/1163) - [#1174 - [BUG]: Kubelet Configuration Directory setting should not have a comment about default value being None](https://github.com/dell/csm/issues/1174) +- [#1210 - [BUG]: Helm deployment of PowerFlex driver is failing](https://github.com/dell/csm/issues/1210) ### Known Issues From 300b9e60adc0f211481dc46c165fdbf48125d786 Mon Sep 17 00:00:00 2001 From: gallacher <35462391+gallacher@users.noreply.github.com> Date: Wed, 3 Apr 2024 02:35:02 -0300 Subject: [PATCH 5/6] Adding PowerFlex known issue for https://github.com/dell/csm/issues/1210 (#1049) * Update PowerFlex known issues --- content/docs/csidriver/release/powerflex.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/docs/csidriver/release/powerflex.md b/content/docs/csidriver/release/powerflex.md index 1e35e36b9d..dc2eb65bf6 100644 --- a/content/docs/csidriver/release/powerflex.md +++ b/content/docs/csidriver/release/powerflex.md @@ -37,6 +37,7 @@ A CSI ephemeral pod may not get created in OpenShift 4.13 and fail with the erro | If the volume limit is exhausted and there are pending pods and PVCs due to `exceed max volume count`, the pending PVCs will be bound to PVs and the pending pods will be scheduled to nodes when the driver pods are restarted. | It is advised not to have any pending pods or PVCs once the volume limit per node is exhausted on a CSI Driver. There is an open issue reported with kubenetes at https://github.com/kubernetes/kubernetes/issues/95911 with the same behavior. | | The PowerFlex Dockerfile is incorrectly labeling the version as 2.7.0 for the 2.8.0 version. | Describe the driver pod using ```kubectl describe pod $podname -n vxflexos``` to ensure v2.8.0 is installed. | | Resource quotas may not work properly with the CSI PowerFlex driver. PowerFlex is only able to assign storage in 8Gi chunks, so if a create volume call is made with a size not divisible by 8Gi, CSI-PowerFlex will round up to the next 8Gi boundary when it provisions storage -- however, the resource quota will not record this size but rather the original size in the create request. This means that, for example, if a 10Gi resource quota is set, and a user provisions 10 1Gi PVCs, 80Gi of storage will actually be allocated, which is well over the amount specified in the resource quota. | For now, users should only provision volumes in 8Gi-divisible chunks if they want to use resource quotas. | +| Helm install of CSM for PowerFlex v1.10.0 is failing due to a duplicate `mountPath: /host_opt_emc_path` being added to volumeMounts charts/csi-vxflexos/templates/node.yaml. Error message is `Error: INSTALLATION FAILED: 1 error occurred: DaemonSet.apps "vxflexos-node" is invalid: spec.template.spec.initContainers[0].volumeMounts[4].mountPath: Invalid value: "/host_opt_emc_path": must be unique` | The issue can be resolved by removing the duplicate entry in [https://github.com/dell/helm-charts/blob/main/charts/csi-vxflexos/templates/node.yaml](https://github.com/dell/helm-charts/blob/main/charts/csi-vxflexos/templates/node.yaml) | ### Note: From 8eeea66a3a181cee1011a8e4054e2c79d6d17646 Mon Sep 17 00:00:00 2001 From: Kumar Yadav Date: Wed, 3 Apr 2024 11:41:19 +0530 Subject: [PATCH 6/6] Removing helm issue from known issue section of Powerflex driver --- content/docs/csidriver/release/powerflex.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/docs/csidriver/release/powerflex.md b/content/docs/csidriver/release/powerflex.md index 4c58a16f56..bd71c09903 100644 --- a/content/docs/csidriver/release/powerflex.md +++ b/content/docs/csidriver/release/powerflex.md @@ -38,7 +38,7 @@ A CSI ephemeral pod may not get created in OpenShift 4.13 and fail with the erro | If the volume limit is exhausted and there are pending pods and PVCs due to `exceed max volume count`, the pending PVCs will be bound to PVs and the pending pods will be scheduled to nodes when the driver pods are restarted. | It is advised not to have any pending pods or PVCs once the volume limit per node is exhausted on a CSI Driver. There is an open issue reported with kubenetes at https://github.com/kubernetes/kubernetes/issues/95911 with the same behavior. | | The PowerFlex Dockerfile is incorrectly labeling the version as 2.7.0 for the 2.8.0 version. | Describe the driver pod using ```kubectl describe pod $podname -n vxflexos``` to ensure v2.8.0 is installed. | | Resource quotas may not work properly with the CSI PowerFlex driver. PowerFlex is only able to assign storage in 8Gi chunks, so if a create volume call is made with a size not divisible by 8Gi, CSI-PowerFlex will round up to the next 8Gi boundary when it provisions storage -- however, the resource quota will not record this size but rather the original size in the create request. This means that, for example, if a 10Gi resource quota is set, and a user provisions 10 1Gi PVCs, 80Gi of storage will actually be allocated, which is well over the amount specified in the resource quota. | For now, users should only provision volumes in 8Gi-divisible chunks if they want to use resource quotas. | -| Helm install of CSM for PowerFlex v1.10.0 is failing due to a duplicate `mountPath: /host_opt_emc_path` being added to volumeMounts charts/csi-vxflexos/templates/node.yaml. Error message is `Error: INSTALLATION FAILED: 1 error occurred: DaemonSet.apps "vxflexos-node" is invalid: spec.template.spec.initContainers[0].volumeMounts[4].mountPath: Invalid value: "/host_opt_emc_path": must be unique` | The issue can be resolved by removing the duplicate entry in [https://github.com/dell/helm-charts/blob/main/charts/csi-vxflexos/templates/node.yaml](https://github.com/dell/helm-charts/blob/main/charts/csi-vxflexos/templates/node.yaml) | + ### Note: